Spring Boot整合Shiro+Jwt前后端分离简单实例的代码详情-代码-最代码

首页>代码>Spring Boot整合Shiro+Jwt前后端分离简单实例>/spring-boot-shiro-unless-session/src/main/java/com/cxs/controller/UserController.java
package com.cxs.controller;


import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.cxs.jwt.JwtUtil;
import com.cxs.jwt.Token;
import com.cxs.model.User;
import com.cxs.service.UserService;
import com.cxs.vo.Result;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.credential.PasswordMatcher;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.UUID;

/**
 * <p>
 * 前端控制器
 * </p>
 *
 * @author cxs
 */
@RestController
@RequestMapping("/user")
@Slf4j
public class UserController {

    @Autowired
    private UserService userService;

    @Autowired
    private JwtUtil jwtUtil;


    @PostMapping(value = "/login")
    public Result userLogin(@RequestBody User user) {
        Result result = new Result();
        if (!StringUtils.hasLength(user.getUserName())) {
            result.setCode(HttpStatus.BAD_REQUEST.value()).setMsg("用户名岂能为空");
            return result;
        }
        if (!StringUtils.hasLength(user.getPassword())) {
            result.setCode(HttpStatus.BAD_REQUEST.value()).setMsg("密码岂能为空");
            return result;
        }
        LambdaQueryWrapper<User> wrapper = new LambdaQueryWrapper<>();
        wrapper.eq(User::getUserName, user.getUserName().trim());
        User currentUser = userService.getOne(wrapper);
        if (ObjectUtils.isEmpty(currentUser)) {
            result.setCode(201).setMsg("用户名不存在");
        } else {
            try {
                Md5Hash md5Hash = new Md5Hash(user.getPassword().trim(), user.getUserName().trim(), 1024);
                if (!currentUser.getPassword().equals(md5Hash.toString())) {
                    result.setCode(201).setMsg("用户密码错误");
                } else {
                    Token token = jwtUtil.parseToken(jwtUtil.generateToken(currentUser));
                    if (!ObjectUtils.isEmpty(token)) {
                        result.setCode(200).setMsg("登陆成功").setData(token);
                    }
                }
            } catch (Exception e) {
                result.setCode(500).setMsg("登陆失败,服务器错误");
            }
        }
        return result;
    }

    @GetMapping("/list")
    @RequiresPermissions("admin")  // admin权限才能访问
    public Result list(){
        Result result = new Result();
        result.setCode(200).setData(userService.list(null));
        return result;
    }

    @GetMapping("/public")
    public Result test(){
        Result result = new Result();
        result.setCode(200).setData(UUID.randomUUID().toString()).setMsg("公共方法,用户和管理员均可访问");
        return result;
    }
}